Privacy Policy

Overview

Vonti ("we," "our," or "us") provides a service notification platform that helps businesses communicate with their customers via text messages. This Privacy Policy explains how we collect, use, and protect your information.

Information We Collect

Business Account Information

When you create an account, we collect:

• Email address (verified via one-time code)
• Phone number (verified via SMS)
• Password (encrypted and securely stored)
• Business name
• Business address (optional)
• Business phone number for display (optional)
• Business logo (optional)

Customer Information

When you create service tickets, the following customer data may be stored:

• Customer phone number (required for notifications)
• Customer name (optional)
• Customer email (optional)
• Customer address (optional)
• Service description and notes

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers or banking details. We receive and store only your Stripe customer ID and subscription status.

Automatically Collected Information

• IP address (for security and rate limiting)
• Notification delivery status and timestamps
• Whether customers opened their tracking links
• Error logs for troubleshooting (sensitive data is redacted)

How We Use Your Information

• To provide and operate our service notification platform
• To send SMS notifications to your customers on your behalf
• To verify your identity during signup and login
• To process subscription payments
• To prevent fraud and abuse through rate limiting
• To troubleshoot issues and improve our service
• To communicate with you about your account

Third-Party Services

We use the following third-party services to operate Vonti:

• Stripe — Payment processing. Your billing information is handled directly by Stripe under their privacy policy.
• Twilio — SMS delivery. Customer phone numbers and message content are transmitted to Twilio to send notifications.
• Supabase — Database and authentication. All account and ticket data is stored securely in Supabase.
• Cloudflare — Security and CAPTCHA verification during signup.
• Sentry — Error monitoring. We collect anonymized error reports to fix bugs (sensitive data is masked).

Data Retention

• Account data is retained while your account is active
• Ticket data is retained while your account is active
• Notification logs are automatically deleted after 90 days
• Status history is automatically deleted after 180 days
• Verification codes expire after 10 minutes

Data Security

We implement security measures including:

• Encrypted data transmission (HTTPS only)
• Secure password hashing
• Rate limiting to prevent abuse
• Row-level security on database tables
• Input validation and sanitization
• Webhook signature verification

Cookies

We use essential cookies only for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

Your Rights

You may:

• Access and update your account information in Settings
• Delete tickets and customer data from your dashboard
• Cancel your subscription at any time via the billing portal
• Request deletion of your account by contacting us

Customer Data

As a business using Vonti, you are responsible for ensuring you have appropriate consent from your customers before adding their phone numbers and sending them notifications. You should inform your customers that they will receive text messages about their service status.

Children's Privacy

Vonti is not intended for use by individuals under 18 years of age. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the service.

Contact Us

If you have questions about this Privacy Policy, please contact us at support@vonti.co